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DETAILED ACTION 

DETAILED ACTION 

1 . Applicant claims raised 1 12 issues that were resoled by agreement on the telephone 
interview with Luck K. Pedersen on August 21, 2007. Authorization for examiner's amendment 
is also given to all independent claims 1, 12, 18, 23, and 28 to particularly point out the 
invention. 

EXAMINER'S AMENDMENT 

2. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Luke K. Pedersen on August 2 1 , 2007. 

Please replace claims 1-2, 12, 18, 23, and 28 as follows: 

1 . (Currently Amended) A method for authenticating and authorizing a user of 
an electronic device in communication with a network, comprising: 
registering [[a]] said user with a network; 

generating a unique universal user identifier representing said user at the time said 
user registers with said network, said unique universal user identifier being at least partially 
based on information supplied by said user during registration with said network; 
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receiving a user request from said user, said user using [[an]] said electronic device in 
communication with the network; 

searching for information relating to said user in a repository of user information, said 
searching based at least partially on said user request and a login identity supplied by said user; 

retrieving, from the repository of user information, said unique universal user identifier 
representing said user upon locating said information of said user; 

storing at least said unique universal user identifier in a data packet; 

sending said data packet to a storage device such that said data packet is transmittable to 
electronic devices in communication with said network when said user attempts to access a 
resource within said network; [[and]] 

retrieving an authorization datum associated with said user, based at least partially on 
said unique universal user identifier, from said resource [[.]] ; and 

wherein said user attempts to access said resources within said network is permitted 
without authentication time-out interval using said data packet. 

2. (Currently Amended) The method of claim 1, wherein receiving [[a]] the user 
request comprises receiving a login name from said user. 

12. (Currently Amended) A method for accessing a plurality of resources having 
different authorization requirements, comprising: 
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registering a user with a network; 

generating a unique universal user identifier representing said user at the time said 

user registers with said network, said unique universal user identifier being at least partially 
based on information supplied by said user during registration with said network; 

accessing, via an electronic device, said network work comprising [[a]] said plurality of 
resources; 

providing identifying data to said network; 

retrieving, in response to the identifying data, said unique universal user 
identifier from a repository of unique universal user identifiers; 

storing said unique universal user identifier on a storage device, said unique universal 
user identifier indicating said user is authenticated; and 

accessing one of said plurality of resources, wherein said unique universal user 
identifier is transmitted to said one of said plurality of resources to identify said user such that 
said user can access authorized resources without providing additional identifying 
information and without authentication time-out interval using said unique universal identifier 
and wherein said user is denied access to unauthorized resources. 

18. (Currently Amended) A method for user authentication and authorization, 
comprising: 
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accessing a repository containing a plurality of unique universal user identifiers, each 
of said unique universal user identifiers being unique to a user; 

retrieving one of said unique universal user identifiers from said repository, 

storing said unique universal user identifier in a data packet readable by an electronic 

device; 

transmitting said data packet to a storage device coupled to said electronic device; [[and]] 

making said data packet available to a resource configured within an enterprise 
network to authorize said user[[.]] and 

said user accessing said resources without authentication time-out interval using said data 

packet. 

23. (Currently Amended) A system for user authentication and authorization, 
comprising: 

a repository containing a plurality of unique universal user identifiers, each unique 
universal user identifier being unique to a user; 

a first software tool operable to receive user login information, access said repository, 

retrieve one of said plurality of [[a]] unique universal user identifier relating to said user from 
said repository, and 



Application/Control Number: 09/972,226 Page 6 

Art Unit: 2136 

transmit said unique universal user identifier to an electronic storage device suitable for 
storing said unique universal user identifier in a data packet for transmission to resources 

within a network; [[and]] 

a second software tool suitable for receiving said data packet and locating 
authorization datum of said user[[.]] ; and 

said user accessing said resources without authentication timeout interval using said data 

packet, 

28. (Currently Amended) A computer-readable medium encoded with logic 

operable, when executed on a computer processor, to perform [[the]] steps comprising: 

receiving a user request from a user of an electronic device; 

searching for a user credential corresponding to said user in an authentication 
database; 

locating said user credential in said authentication database; 

retrieving from said authentication database a unique universal user identifier 
representing said user upon locating said user credential; 

packaging said unique universal user identifier in a data packet; and 
transmitting said data packet to said electronic device such that said data packet is 
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transmittable to electronic devices in communication with a network when said user attempts 
to access a resource within said network such that said user can access authorized resources 
without providing additional identifying information and without authentication timeout interval 
using said data packet. 

Allowable Subject Matter 

3. Claims 1-13 and 15-35 are allowed. 

Steele et al. US 7016875 Bl discloses a method of single sign-on (abstract) by generating Global 
unique Identifier (GUID) and ticket (col. 9 lines 42-67) to users requesting access to plurality of 
resources (col. 10 lines 19-31). Steele et al.'s method discloses allowing access to resource 
within authentication time-out interval and the access to a session is only within a specified 
period of time (see col. 25 lines 24-63). None of the applied references disclose allowing access 
to users using a single-sign-on without a specified time period. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272-3867. 
The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser R. Moazzami can be reached on (571) 272-4195. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




August 21, 2007 



NASSER MOAZZAMI 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




